Percona Server moved to https://jira.percona.com/projects/PS

Merge lp:~laurynas-biveinis/percona-server/super-read-only into lp:percona-server/5.6

super-read-only
Merge into 5.6

Proposed by Laurynas Biveinis on 2014-10-17

Status:	Merged
Approved by:	Sergei Glushchenko on 2014-10-20
Approved revision:	no longer in the source branch.
Merged at revision:	686
Proposed branch:	lp:~laurynas-biveinis/percona-server/super-read-only
Merge into:	lp:percona-server/5.6
Diff against target:	865 lines (+624/-19) 14 files modified mysql-test/r/mysqld--help-notwin.result (+3/-0) mysql-test/suite/rpl/r/rpl_ignore_super_read_only.result (+27/-0) mysql-test/suite/rpl/t/rpl_ignore_super_read_only-slave.opt (+1/-0) mysql-test/suite/rpl/t/rpl_ignore_super_read_only.test (+32/-0) mysql-test/suite/sys_vars/r/super_read_only_basic.result (+263/-0) mysql-test/suite/sys_vars/t/super_read_only_basic.test (+232/-0) sql/handler.cc (+13/-2) sql/lock.cc (+6/-4) sql/mysqld.cc (+2/-0) sql/mysqld.h (+1/-1) sql/sql_parse.cc (+9/-5) sql/sql_trigger.cc (+6/-3) sql/sys_vars.cc (+23/-0) sql/transaction.cc (+6/-4)
To merge this branch:	bzr merge lp:~laurynas-biveinis/percona-server/super-read-only
Related bugs:	Link a bug report
Related blueprints:	--super-read-only: --read-only affecting SUPER users (Medium)

Reviewer	Review Type	Date Requested	Status
Sergei Glushchenko (community)	g2	2014-10-17	Approve on 2014-10-20
Review via email: mp+238747@code.launchpad.net

Description of the change

Port --super-read-only option from WebScaleSQL, implementing
https://blueprints.launchpad.net/percona-server/+spec/super-read-only.

It is based on the patch at
https://github.com/webscalesql/webscalesql-5.6/commit/73fe122dd4b7f1a0fa79f338a7a0c4e5809389e2
with the following differences:
- super read only is enforced for DROP TRIGGER too;
- added MTR tests for the implemented but untested cases in the
original patch: multi-table update, START TRANSACTION READ WRITE, and
CREATE TRIGGER.

http://jenkins.percona.com/job/percona-server-5.6-param/740/

Revision history for this message

Laurynas Biveinis (laurynas-biveinis) wrote on 2014-10-17:

BT 46192

Revision history for this message

Sergei Glushchenko (sergei.glushchenko) wrote on 2014-10-20:

Approve

review: Approve (g2)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Laurynas Biveinis

Percona core

zhangyuan

 === modified file 'mysql-test/r/mysqld--help-notwin.result'
 --- mysql-test/r/mysqld--help-notwin.result	2014-10-01 13:08:27 +0000
 +++ mysql-test/r/mysqld--help-notwin.result	2014-10-17 16:06:20 +0000
@@ -1008,6 +1008,8 @@
   --stored-program-cache=#
   The soft upper limit for number of cached stored routines
   for one connection.
++ --super-read-only   Enable read_only, and also block writes by users with the
++ SUPER privilege
   -s, --symbolic-links
   Enable symbolic link support.
   --sync-binlog=#     Synchronously flush binary log to disk after every #th
@@ -1390,6 +1392,7 @@
  sporadic-binlog-dump-fail FALSE
  sql-mode NO_ENGINE_SUBSTITUTION
  stored-program-cache 256
++super-read-only FALSE
  symbolic-links FALSE
  sync-binlog 0
  sync-frm TRUE
 === added file 'mysql-test/suite/rpl/r/rpl_ignore_super_read_only.result'
 --- mysql-test/suite/rpl/r/rpl_ignore_super_read_only.result	1970-01-01 00:00:00 +0000
 +++ mysql-test/suite/rpl/r/rpl_ignore_super_read_only.result	2014-10-17 16:06:20 +0000
@@ -0,0 +1,27 @@
++# This unit test is only to test super_read_only=1 doesn't cause
++# errors when executing "CHANGE MASTER".
++#
++# It is not intended to test general super_read_only functionality.
++#
++# Comprehensive super_read_only testing is in the
++# sys_vars.super_read_only_basic test.
++include/master-slave.inc
++Warnings:
++Note	####	Sending passwords in plain text without SSL/TLS is extremely insecure.
++Note	####	Storing MySQL user name or password information in the master info repository is not secure and is therefore not recommended. Please consider using the USER and PASSWORD connection options for START SLAVE; see the 'START SLAVE Syntax' in the MySQL Manual for more information.
++[connection master]
++create table t1(a int);
++insert into t1 values(1);
++set @@global.super_read_only=1;
++include/stop_slave.inc
++change master to master_connect_retry=20;
++include/start_slave.inc
++insert into t1 values(2);
++select * from t1;
++a
++1
++2
++set @@global.super_read_only=0;
++set @@global.read_only=0;
++drop table t1;
++include/rpl_end.inc
 === added file 'mysql-test/suite/rpl/t/rpl_ignore_super_read_only-slave.opt'
 --- mysql-test/suite/rpl/t/rpl_ignore_super_read_only-slave.opt	1970-01-01 00:00:00 +0000
 +++ mysql-test/suite/rpl/t/rpl_ignore_super_read_only-slave.opt	2014-10-17 16:06:20 +0000
@@ -0,0 +1,1 @@
++--relay_log_info_repository='TABLE'
 === added file 'mysql-test/suite/rpl/t/rpl_ignore_super_read_only.test'
 --- mysql-test/suite/rpl/t/rpl_ignore_super_read_only.test	1970-01-01 00:00:00 +0000
 +++ mysql-test/suite/rpl/t/rpl_ignore_super_read_only.test	2014-10-17 16:06:20 +0000
@@ -0,0 +1,32 @@
++--echo # This unit test is only to test super_read_only=1 doesn't cause
++--echo # errors when executing "CHANGE MASTER".
++--echo #
++--echo # It is not intended to test general super_read_only functionality.
++--echo #
++--echo # Comprehensive super_read_only testing is in the
++--echo # sys_vars.super_read_only_basic test.
++
++source include/master-slave.inc;
++
++connection master;
++create table t1(a int);
++insert into t1 values(1);
++sync_slave_with_master;
++
++set @@global.super_read_only=1;
++source include/stop_slave.inc;
++change master to master_connect_retry=20;
++source include/start_slave.inc;
++
++connection master;
++insert into t1 values(2);
++sync_slave_with_master;
++
++select * from t1;
++set @@global.super_read_only=0;
++set @@global.read_only=0;
++
++connection master;
++drop table t1;
++
++source include/rpl_end.inc;
 === added file 'mysql-test/suite/sys_vars/r/super_read_only_basic.result'
 --- mysql-test/suite/sys_vars/r/super_read_only_basic.result	1970-01-01 00:00:00 +0000
 +++ mysql-test/suite/sys_vars/r/super_read_only_basic.result	2014-10-17 16:06:20 +0000
@@ -0,0 +1,263 @@
++#
++# Setup
++#
++# Save original value
++set @start_read_only= @@global.read_only;
++set @start_super_read_only= @@global.super_read_only;
++grant CREATE, SELECT, DROP on *.* to test@localhost;
++# connect (con1,localhost,test,,test);
++# connection default;
++#
++# Test combinations of settings and changes
++#
++# ro,sro: 0,0: set ro->0: 0,0
++set global read_only=0;
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++0
++select @@global.super_read_only;
++@@global.super_read_only
++0
++set global read_only=0;
++select @@global.read_only;
++@@global.read_only
++0
++select @@global.super_read_only;
++@@global.super_read_only
++0
++# ro,sro: 0,0: set ro->1: 1,0
++set global read_only=0;
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++0
++select @@global.super_read_only;
++@@global.super_read_only
++0
++set global read_only=1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++0
++# ro,sro: 0,0: set sro->0: 0,0
++set global read_only=0;
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++0
++select @@global.super_read_only;
++@@global.super_read_only
++0
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++0
++select @@global.super_read_only;
++@@global.super_read_only
++0
++# ro,sro: 0,0: set sro->1: 1,1
++set global read_only=0;
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++0
++select @@global.super_read_only;
++@@global.super_read_only
++0
++set global super_read_only=1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++1
++# ro,sro: 1,0: set ro->0: 0,0
++set global read_only=1;
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++0
++set global read_only=0;
++select @@global.read_only;
++@@global.read_only
++0
++select @@global.super_read_only;
++@@global.super_read_only
++0
++# ro,sro: 1,0: set ro->1: 1,0
++set global read_only=1;
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++0
++set global read_only=1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++0
++# ro,sro: 1,0: set sro->0: 1,0
++set global read_only=1;
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++0
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++0
++# ro,sro: 1,0: set sro->1: 1,1
++set global read_only=1;
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++0
++set global super_read_only=1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++1
++# ro,sro: 1,1: set ro->0: 0,0
++set global read_only=1;
++set global super_read_only=1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++1
++set global read_only=0;
++select @@global.read_only;
++@@global.read_only
++0
++select @@global.super_read_only;
++@@global.super_read_only
++0
++# ro,sro: 1,1: set ro->1: 1,1
++set global read_only=1;
++set global super_read_only=1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++1
++set global read_only=1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++1
++# ro,sro: 1,1: set sro->0: 1,0
++set global read_only=1;
++set global super_read_only=1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++1
++set global super_read_only=0;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++0
++# ro,sro: 1,1: set sro->1: 1,1
++set global read_only=1;
++set global super_read_only=1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++1
++set global super_read_only=1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++1
++set global read_only=0;
++set global super_read_only=0;
++DROP TABLE IF EXISTS t1,t2,t3;
++#
++# Create tables/Make sure normal writes work
++#
++set global super_read_only=0;
++connection con1;
++create table t1 (a int);
++insert into t1 values(1);
++create table t2 select * from t1;
++update t1, t2 set t1.a=2, t2.a=2;
++start transaction read write;
++commit;
++create trigger trig before insert on t1 for each row set new.a = new.a;
++connection default;
++#
++# Make sure it blocks SUPER
++#
++set global super_read_only=1;
++create table t3 (a int);
++ERROR HY000: The MySQL server is running with the --read-only (super) option so it cannot execute this statement
++drop table t3;
++ERROR HY000: The MySQL server is running with the --read-only (super) option so it cannot execute this statement
++update t1, t2 set t1.a=3, t2.a=3;
++ERROR HY000: The MySQL server is running with the --read-only (super) option so it cannot execute this statement
++start transaction read write;
++ERROR HY000: The MySQL server is running with the --read-only (super) option so it cannot execute this statement
++drop trigger trig;
++ERROR HY000: The MySQL server is running with the --read-only (super) option so it cannot execute this statement
++#
++# Make sure it still blocks for non-super
++#
++connection con1;
++select @@global.read_only;
++@@global.read_only
++1
++select @@global.super_read_only;
++@@global.super_read_only
++1
++create table t3 (a int);
++ERROR HY000: The MySQL server is running with the --read-only (super) option so it cannot execute this statement
++insert into t1 values(1);
++ERROR HY000: The MySQL server is running with the --read-only (super) option so it cannot execute this statement
++update t1, t2 set t1.a=3, t2.a=3;
++ERROR HY000: The MySQL server is running with the --read-only (super) option so it cannot execute this statement
++start transaction read write;
++ERROR HY000: The MySQL server is running with the --read-only (super) option so it cannot execute this statement
++drop trigger trig;
++ERROR HY000: The MySQL server is running with the --read-only (super) option so it cannot execute this statement
++#
++# Cleanup
++#
++connection default;
++set global super_read_only=0;
++drop table t1,t2;
++drop user test@localhost;
++set global read_only= @start_read_only;
++set global super_read_only= @start_super_read_only;
 === added file 'mysql-test/suite/sys_vars/t/super_read_only_basic.test'
 --- mysql-test/suite/sys_vars/t/super_read_only_basic.test	1970-01-01 00:00:00 +0000
 +++ mysql-test/suite/sys_vars/t/super_read_only_basic.test	2014-10-17 16:06:20 +0000
@@ -0,0 +1,232 @@
++# Test of the SUPER_READ_ONLY modification to the READ_ONLY global variable:
++# check that it blocks updates even with SUPER privs
++
++# should work with embedded server after mysqltest is fixed
++--source include/not_embedded.inc
++
++
++--echo #
++--echo # Setup
++--echo #
++
++--echo # Save original value
++set @start_read_only= @@global.read_only;
++set @start_super_read_only= @@global.super_read_only;
++
++grant CREATE, SELECT, DROP on *.* to test@localhost;
++
++--echo # connect (con1,localhost,test,,test);
++connect (con1,localhost,test,,test);
++
++--echo # connection default;
++connection default;
++
++
++--echo #
++--echo # Test combinations of settings and changes
++--echo #
++
++--echo # ro,sro: 0,0: set ro->0: 0,0
++set global read_only=0;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++set global read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++
++--echo # ro,sro: 0,0: set ro->1: 1,0
++set global read_only=0;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++set global read_only=1;
++select @@global.read_only;
++select @@global.super_read_only;
++
++--echo # ro,sro: 0,0: set sro->0: 0,0
++set global read_only=0;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++
++--echo # ro,sro: 0,0: set sro->1: 1,1
++set global read_only=0;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++set global super_read_only=1;
++select @@global.read_only;
++select @@global.super_read_only;
++
++# We don't care about 0,1 - since all this ensures it can't happen.
++
++--echo # ro,sro: 1,0: set ro->0: 0,0
++set global read_only=1;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++set global read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++
++--echo # ro,sro: 1,0: set ro->1: 1,0
++set global read_only=1;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++set global read_only=1;
++select @@global.read_only;
++select @@global.super_read_only;
++
++--echo # ro,sro: 1,0: set sro->0: 1,0
++set global read_only=1;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++
++--echo # ro,sro: 1,0: set sro->1: 1,1
++set global read_only=1;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++set global super_read_only=1;
++select @@global.read_only;
++select @@global.super_read_only;
++
++
++--echo # ro,sro: 1,1: set ro->0: 0,0
++set global read_only=1;
++set global super_read_only=1;
++select @@global.read_only;
++select @@global.super_read_only;
++set global read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++
++--echo # ro,sro: 1,1: set ro->1: 1,1
++set global read_only=1;
++set global super_read_only=1;
++select @@global.read_only;
++select @@global.super_read_only;
++set global read_only=1;
++select @@global.read_only;
++select @@global.super_read_only;
++
++--echo # ro,sro: 1,1: set sro->0: 1,0
++set global read_only=1;
++set global super_read_only=1;
++select @@global.read_only;
++select @@global.super_read_only;
++set global super_read_only=0;
++select @@global.read_only;
++select @@global.super_read_only;
++
++--echo # ro,sro: 1,1: set sro->1: 1,1
++set global read_only=1;
++set global super_read_only=1;
++select @@global.read_only;
++select @@global.super_read_only;
++set global super_read_only=1;
++select @@global.read_only;
++select @@global.super_read_only;
++
++--disable_warnings
++set global read_only=0;
++set global super_read_only=0;
++DROP TABLE IF EXISTS t1,t2,t3;
++--enable_warnings
++
++
++--echo #
++--echo # Create tables/Make sure normal writes work
++--echo #
++
++set global super_read_only=0;
++
++--echo connection con1;
++connection con1;
++
++create table t1 (a int);
++
++insert into t1 values(1);
++
++create table t2 select * from t1;
++
++update t1, t2 set t1.a=2, t2.a=2;
++
++start transaction read write;
++commit;
++
++create trigger trig before insert on t1 for each row set new.a = new.a;
++
++--echo connection default;
++connection default;
++
++
++--echo #
++--echo # Make sure it blocks SUPER
++--echo #
++
++set global super_read_only=1;
++
++--error ER_OPTION_PREVENTS_STATEMENT
++create table t3 (a int);
++
++--error ER_OPTION_PREVENTS_STATEMENT
++drop table t3;
++
++--error ER_OPTION_PREVENTS_STATEMENT
++update t1, t2 set t1.a=3, t2.a=3;
++
++--error ER_OPTION_PREVENTS_STATEMENT
++start transaction read write;
++
++--error ER_OPTION_PREVENTS_STATEMENT
++drop trigger trig;
++
++--echo #
++--echo # Make sure it still blocks for non-super
++--echo #
++
++--echo connection con1;
++connection con1;
++
++select @@global.read_only;
++select @@global.super_read_only;
++
++--error ER_OPTION_PREVENTS_STATEMENT
++create table t3 (a int);
++
++--error ER_OPTION_PREVENTS_STATEMENT
++insert into t1 values(1);
++
++--error ER_OPTION_PREVENTS_STATEMENT
++update t1, t2 set t1.a=3, t2.a=3;
++
++--error ER_OPTION_PREVENTS_STATEMENT
++start transaction read write;
++
++--error ER_OPTION_PREVENTS_STATEMENT
++drop trigger trig;
++
++--echo #
++--echo # Cleanup
++--echo #
++
++--echo connection default;
++connection default;
++set global super_read_only=0;
++disconnect con1;
++drop table t1,t2;
++drop user test@localhost;
++
++# Restore original value
++set global read_only= @start_read_only;
++set global super_read_only= @start_super_read_only;
 === modified file 'sql/handler.cc'
 --- sql/handler.cc	2014-08-22 10:02:24 +0000
 +++ sql/handler.cc	2014-10-17 16:06:20 +0000
@@ -1483,12 +1483,23 @@
        DEBUG_SYNC(thd, "ha_commit_trans_after_acquire_commit_lock");
+     }
++    bool enforce_ro= true;
++    if (!opt_super_readonly)
++      enforce_ro= !(thd->security_ctx->master_access & SUPER_ACL);
++    /*
++      Ignore super_read_only when ignore_global_read_lock is set.
++      ignore_global_read_lock is set for transactions on replication
++      repository tables.
++    */
++    if (ignore_global_read_lock)
++      enforce_ro= false;
      if (rw_trans &&
          opt_readonly &&
--        !(thd->security_ctx->master_access & SUPER_ACL) &&
++        enforce_ro &&
          !thd->slave_thread)
+     {
--      my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--read-only");
++      my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
++               opt_super_readonly ? "--read-only (super)" : "--read-only");
        ha_rollback_trans(thd, all);
        error= 1;
        goto end;
 === modified file 'sql/lock.cc'
 --- sql/lock.cc	2014-02-25 07:30:22 +0000
 +++ sql/lock.cc	2014-10-17 16:06:20 +0000
@@ -116,7 +116,7 @@
  lock_tables_check(THD *thd, TABLE **tables, uint count, uint flags)
+ {
    uint system_count= 0, i= 0;
--  bool is_superuser= false;
++  bool enforce_ro= true;
    /*
      Identifies if the executed sql command can updated either a log
      or rpl info table.
@@ -125,7 +125,8 @@
    DBUG_ENTER("lock_tables_check");
--  is_superuser= thd->security_ctx->master_access & SUPER_ACL;
++  if (!opt_super_readonly)
++    enforce_ro= !(thd->security_ctx->master_access & SUPER_ACL);
    log_table_write_query=
       is_log_table_write_query(thd->lex->sql_command);
@@ -197,9 +198,10 @@
      if (!(flags & MYSQL_LOCK_IGNORE_GLOBAL_READ_ONLY) && !t->s->tmp_table)
+     {
        if (t->reginfo.lock_type >= TL_WRITE_ALLOW_WRITE &&
--          !is_superuser && opt_readonly && !thd->slave_thread)
++          enforce_ro && opt_readonly && !thd->slave_thread)
+       {
--        my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--read-only");
++        my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
++                 opt_super_readonly ? "--read-only (super)" : "--read-only");
          DBUG_RETURN(1);
+       }
+     }
 === modified file 'sql/mysqld.cc'
 --- sql/mysqld.cc	2014-09-26 04:43:24 +0000
 +++ sql/mysqld.cc	2014-10-17 16:06:20 +0000
@@ -456,6 +456,7 @@
  uint opt_server_id_bits= 0;
  ulong opt_server_id_mask= 0;
  my_bool read_only= 0, opt_readonly= 0;
++my_bool super_read_only= 0, opt_super_readonly= 0;
  my_bool use_temp_pool, relay_log_purge;
  my_bool relay_log_recovery;
  my_bool opt_sync_frm, opt_allow_suspicious_udfs;
@@ -9259,6 +9260,7 @@
      MY_TEST(global_system_variables.optimizer_switch &
              OPTIMIZER_SWITCH_ENGINE_CONDITION_PUSHDOWN);
++  opt_super_readonly= super_read_only;
    opt_readonly= read_only;
    return 0;
 === modified file 'sql/mysqld.h'
 --- sql/mysqld.h	2014-09-26 04:43:24 +0000
 +++ sql/mysqld.h	2014-10-17 16:06:20 +0000
@@ -120,7 +120,7 @@
  extern my_bool opt_slave_compressed_protocol, use_temp_pool;
  extern ulong slave_exec_mode_options;
  extern ulonglong slave_type_conversions_options;
--extern my_bool read_only, opt_readonly;
++extern my_bool read_only, opt_readonly, super_read_only, opt_super_readonly;
  extern my_bool lower_case_file_system;
  extern ulonglong slave_rows_search_algorithms_options;
  #ifndef DBUG_OFF
 === modified file 'sql/sql_parse.cc'
 --- sql/sql_parse.cc	2014-09-26 15:39:39 +0000
 +++ sql/sql_parse.cc	2014-10-17 16:06:20 +0000
@@ -1083,7 +1083,7 @@
      ((ulong)(thd->security_ctx->master_access & SUPER_ACL) ==
       (ulong)SUPER_ACL);
--  if (user_is_super)
++  if (user_is_super && (!opt_super_readonly))
      DBUG_RETURN(FALSE);
    if (!(sql_command_flags[lex->sql_command] & CF_CHANGES_DATA))
@@ -2782,7 +2782,8 @@
      */
      if (deny_updates_if_read_only_option(thd, all_tables))
+     {
--      my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--read-only");
++      my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
++               opt_super_readonly ? "--read-only (super)" : "--read-only");
        DBUG_RETURN(-1);
+     }
  #ifdef HAVE_REPLICATION
@@ -3756,12 +3757,15 @@
  #endif /* HAVE_REPLICATION */
        if (res)
          break;
++      bool enforce_ro = true;
++      if (!opt_super_readonly)
++        enforce_ro = !(thd->security_ctx->master_access & SUPER_ACL);
        if (opt_readonly &&
--	  !(thd->security_ctx->master_access & SUPER_ACL) &&
++	  enforce_ro &&
  	  some_non_temp_table_to_be_updated(thd, all_tables))
+       {
--	my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--read-only");
--	break;
++        my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
++                 opt_super_readonly ? "--read-only (super)" : "--read-only");
+       }
  #ifdef HAVE_REPLICATION
      }  /* unlikely */
 === modified file 'sql/sql_trigger.cc'
 --- sql/sql_trigger.cc	2014-08-22 10:02:24 +0000
 +++ sql/sql_trigger.cc	2014-10-17 16:06:20 +0000
@@ -444,6 +444,9 @@
    if (!create)
+   {
      bool if_exists= thd->lex->drop_if_exists;
++    bool enforce_ro= true;
++    if (!opt_super_readonly)
++      enforce_ro= !(thd->security_ctx->master_access & SUPER_ACL);
      /*
        Protect the query table list from the temporary and potentially
@@ -458,10 +461,10 @@
      */
      thd->lex->sql_command= backup.sql_command;
--    if (opt_readonly && !(thd->security_ctx->master_access & SUPER_ACL) &&
--        !thd->slave_thread)
++    if (opt_readonly && enforce_ro && !thd->slave_thread)
+     {
--      my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--read-only");
++      my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
++               opt_super_readonly ? "--read-only (super)" : "--read-only");
        goto end;
+     }
 === modified file 'sql/sys_vars.cc'
 --- sql/sys_vars.cc	2014-10-15 04:59:52 +0000
 +++ sql/sys_vars.cc	2014-10-17 16:06:20 +0000
@@ -2339,11 +2339,22 @@
  static bool fix_read_only(sys_var *self, THD *thd, enum_var_type type)
+ {
    bool result= true;
++
++  if (read_only == FALSE && super_read_only == TRUE)
++  {
++    if (opt_readonly == TRUE)
++      super_read_only= FALSE;
++    else
++      read_only= TRUE;
++  }
++
    my_bool new_read_only= read_only; // make a copy before releasing a mutex
++  my_bool new_super_read_only= super_read_only;
    DBUG_ENTER("sys_var_opt_readonly::update");
    if (read_only == FALSE || read_only == opt_readonly)
+   {
++    opt_super_readonly= super_read_only;
      opt_readonly= read_only;
      DBUG_RETURN(false);
+   }
@@ -2359,6 +2370,7 @@
        - FLUSH TABLES WITH READ LOCK
        - SET GLOBAL READ_ONLY = 1
      */
++    opt_super_readonly= super_read_only;
      opt_readonly= read_only;
      DBUG_RETURN(false);
+   }
@@ -2375,6 +2387,7 @@
        Prevents transactions from committing.
    */
++  super_read_only= opt_super_readonly;
    read_only= opt_readonly;
    mysql_mutex_unlock(&LOCK_global_system_variables);
@@ -2385,6 +2398,7 @@
      goto end_with_read_lock;
    /* Change the opt_readonly system variable, safe because the lock is held */
++  opt_super_readonly= new_super_read_only;
    opt_readonly= new_read_only;
    result= false;
@@ -2394,6 +2408,7 @@
   end_with_mutex_unlock:
    mysql_mutex_lock(&LOCK_global_system_variables);
   end:
++  super_read_only= opt_super_readonly;
    read_only= opt_readonly;
    DBUG_RETURN(result);
+ }
@@ -2426,6 +2441,14 @@
         "Control TABLE_STATISTICS running, when userstat is enabled",
         GLOBAL_VAR(opt_thread_statistics), CMD_LINE(OPT_ARG), DEFAULT(FALSE));
++static Sys_var_mybool Sys_super_readonly(
++       "super_read_only",
++       "Enable read_only, and also block writes by "
++       "users with the SUPER privilege",
++       GLOBAL_VAR(super_read_only), CMD_LINE(OPT_ARG), DEFAULT(FALSE),
++       NO_MUTEX_GUARD, NOT_IN_BINLOG,
++       ON_CHECK(check_read_only), ON_UPDATE(fix_read_only));
++
  // Small lower limit to be able to test MRR
  static Sys_var_ulong Sys_read_rnd_buff_size(
         "read_rnd_buffer_size",
 === modified file 'sql/transaction.cc'
 --- sql/transaction.cc	2014-02-17 11:12:40 +0000
 +++ sql/transaction.cc	2014-10-17 16:06:20 +0000
@@ -171,11 +171,13 @@
        Implicitly starting a RW transaction is allowed for backward
        compatibility.
      */
--    const bool user_is_super=
--      MY_TEST(thd->security_ctx->master_access & SUPER_ACL);
--    if (opt_readonly && !user_is_super)
++    bool enforce_ro= true;
++    if (!opt_super_readonly)
++      enforce_ro= !(thd->security_ctx->master_access & SUPER_ACL);
++    if (opt_readonly && enforce_ro)
+     {
--      my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0), "--read-only");
++      my_error(ER_OPTION_PREVENTS_STATEMENT, MYF(0),
++               opt_super_readonly ? "--read-only (super)" : "--read-only");
        DBUG_RETURN(true);
+     }
      thd->tx_read_only= false;

Percona Server moved to https://jira.percona.com/projects/PS

Merge lp:~laurynas-biveinis/percona-server/super-read-only into lp:percona-server/5.6

Commit message

Description of the change

Preview Diff

Subscribers